Revoking read access from stored procedures ...

  • Hello All,

    I have created a database role on a particular database which a READ access to 10 tables only within that database. Now, I added 5 logins (domain id) in sql server where tha said database is hosted and made them a part of the role mantioned above.

    Somehow, these users are also able to read all the stored proc present in that database. Some stored procs contain sensitive logins and passwords and I want to revoke the read access form all the stored proces present.

    I have a hunch that since by default every users added into a database becomes a part of public group, the stored proces are also accessed through the poblic role.

    Can anybody pls suggest how to overcome this ..??

    Regards

     

  • Revoke "exec" permission from public role and grant it only to some individuals.

  • "Somehow, these users are also able to read all the stored proc present in that database"

    Are you worried that the users can read the text inside your stored procedures? or that users can execute the stored procedures and get results ?


    Julian Kuiters
    juliankuiters.id.au

  • "Some stored procs contain sensitive logins and passwords"

    You might want to think about encrypting these stored procs.

    As an alternative you might want to think about storing the id & encrypted passwords  elsewhere, say a table that only authorized people have access to, and retrieve them during at execution time and only grant execute permissions on the proc to the appropriate people.

Viewing 4 posts - 1 through 3 (of 3 total)

You must be logged in to reply to this topic. Login to reply